<?php
	session_start();
	
	function submitForm(){
		if ($_SERVER['REQUEST_METHOD'] == 'POST'){
			// Connect to server and select databse.
			mysql_connect("localhost", "root", "")or die("cannot connect"); 
			mysql_select_db("Project 5.5")or die("cannot select DB");

			// username and password from form 
			$myusername=trim($_POST['username']); 
			$mypassword=trim($_POST['password']);
			
			$sql="SELECT Username, Password, First_Name, Last_Name, Email, Role FROM users";
			$result=mysql_query($sql);
			$valid = false;
			
			//registers session if username and password match
			while ($row=mysql_fetch_row($result)) {
				if ($row[0]==$myusername&&$row[1]==$mypassword) {					
					$_SESSION["username"]=$row[0];								
					$_SESSION["firstname"]=$row[2];
					$_SESSION["lastname"]=$row[3];
					$_SESSION["email"]=$row[4];
					$_SESSION["role"]=$row[5];
					
					$valid=true;
					break;
				}
			}
			
			if (!$valid) {
				echo "<a href='login.php'>";
				echo '<div id="error" style="display:block;">';
				echo "Wrong username or password.";
				echo '</div></a>';
			} else {
				header("location:index.php");
			}
		}
	}
	
	//clears session and displays message
	function showLogout(){
		if (isset($_GET['destroy'])){
			$destroy=$_GET['destroy'];
			if ($destroy){
				unset($_SESSION["username"]);
				unset($_SESSION["firstname"]);
				unset($_SESSION["lastname"]);
				unset($_SESSION["role"]);
				session_destroy();
				echo '<div id="error" style="display:block;background:#9F9;color:#777;">';
				echo "<a href='login.php'>You Are Successfuly Logged Out.</a>";
				echo '</div>';
			}
		}
	}
	
	
	
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
	<head>
		<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
		<title>Login</title>
		<link href="css/main.css" rel="stylesheet" type="text/css" />
		<script type="text/javascript" src="js/formsValidate.js"/></script>
	</head>

	<body>
		
		<?php 
			submitForm();
			showLogout();
		?>
		
		<a href='login.php'>
			<div id="error">
			</div>
		</a>
		
		<div id="login-box">			
			
				<br />
				<H2 style="padding-top:35px">Login</H2>
				<br />
				<form method="post" name="loginform" action="<?php echo $_SERVER['PHP_SELF'] ?>" onSubmit="return validateForm('loginform');">
					<div id="login-box-name" style="margin-top:20px;">
						Username:
					</div>
					<div id="login-box-field" style="margin-top:20px;">
						<input name="username" class="form-login" title="Username" value="" size="30" maxlength="2048" />
					</div>
					<div id="login-box-name">
						Password:
					</div>
					<div id="login-box-field">
						<input name="password" type="password" class="form-login" title="Password" value="" size="30" maxlength="2048" />
					</div>
					<br />
					<span class="login-box-options">
						<a href="enrol.php" style="margin-left:30px;">Not Enrolled? Sign up Here</a>
					</span>
					<input type="image" src="img/login-btn.png" width="103" height="42" style="margin-left:125px;position:relative;top:25px;" />
				</form>
				
		</div>
		
		<div id="bottombg" style="position:absolute;bottom:0;left:0;right:0;">
			<p>
				<a style="color:#333" href="http://www.qut.edu.au/additional/privacy">Privacy</a> 
				|
				<a style="color:#333" href="http://www.qut.edu.au/additional/copyright">Copyright</a>
				|
				<a style="color:#333" href="http://www.qut.edu.au/additional/disclaimer">Disclaimer</a>
				|
				<a style="color:#333" href="http://www.qut.edu.au/additional/accessibility">Accessibility</a>
			</p>
		</div>
	</body>
</html>
